Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/breezy-3.1.0/breezy/_annotator_pyx.c
Examining data/breezy-3.1.0/breezy/_bencode_pyx.c
Examining data/breezy-3.1.0/breezy/_bencode_pyx.h
Examining data/breezy-3.1.0/breezy/_chunks_to_lines_pyx.c
Examining data/breezy-3.1.0/breezy/_export_c_api.h
Examining data/breezy-3.1.0/breezy/_import_c_api.h
Examining data/breezy-3.1.0/breezy/_known_graph_pyx.c
Examining data/breezy-3.1.0/breezy/_readdir_pyx.c
Examining data/breezy-3.1.0/breezy/_rio_pyx.c
Examining data/breezy-3.1.0/breezy/_simple_set_pyx.c
Examining data/breezy-3.1.0/breezy/_simple_set_pyx.h
Examining data/breezy-3.1.0/breezy/_simple_set_pyx_api.h
Examining data/breezy-3.1.0/breezy/_static_tuple_c.c
Examining data/breezy-3.1.0/breezy/_static_tuple_c.h
Examining data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c
Examining data/breezy-3.1.0/breezy/bzr/_chk_map_pyx.c
Examining data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.c
Examining data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.h
Examining data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c
Examining data/breezy-3.1.0/breezy/bzr/_knit_load_data_pyx.c
Examining data/breezy-3.1.0/breezy/bzr/delta.h
Examining data/breezy-3.1.0/breezy/bzr/diff-delta.c
Examining data/breezy-3.1.0/breezy/python-compat.h
Examining data/breezy-3.1.0/breezy/readdir.h
FINAL RESULTS:
data/breezy-3.1.0/breezy/_annotator_pyx.c:772:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/breezy-3.1.0/breezy/_bencode_pyx.c:775:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/breezy-3.1.0/breezy/_bencode_pyx.c:4802:15: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
__pyx_v_n = snprintf(__pyx_v_self->tail, __pyx_e_6breezy_12_bencode_pyx_INT_BUF_SIZE, ((char *)"i%de"), __pyx_v_x);
data/breezy-3.1.0/breezy/_bencode_pyx.c:5049:15: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
__pyx_v_n = snprintf(__pyx_v_self->tail, __pyx_e_6breezy_12_bencode_pyx_INT_BUF_SIZE, ((char *)"%ld:"), __pyx_v_x_len);
data/breezy-3.1.0/breezy/_chunks_to_lines_pyx.c:772:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/breezy-3.1.0/breezy/_known_graph_pyx.c:772:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/breezy-3.1.0/breezy/_readdir_pyx.c:778:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/breezy-3.1.0/breezy/_rio_pyx.c:772:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/breezy-3.1.0/breezy/_simple_set_pyx.c:771:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:774:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/breezy-3.1.0/breezy/bzr/_chk_map_pyx.c:774:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/breezy-3.1.0/breezy/bzr/_chk_map_pyx.c:1613:12: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
(void)(sprintf(__pyx_v_c_out, ((char const *)"%08lX"), __pyx_v_crc_val));
data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.c:775:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c:774:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/breezy-3.1.0/breezy/bzr/_knit_load_data_pyx.c:772:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(__PYX_DEFAULT_STRING_ENCODING, default_encoding_c);
data/breezy-3.1.0/breezy/python-compat.h:116:10: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/breezy-3.1.0/breezy/python-compat.h:116:20: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/breezy-3.1.0/breezy/_bencode_pyx.c:9842:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate) PyErr_Clear();
data/breezy-3.1.0/breezy/_bencode_pyx.c:9843:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/_bencode_pyx.c:9843:58: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/_bencode_pyx.c:9864:16: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
Py_XDECREF(setstate);
data/breezy-3.1.0/breezy/_known_graph_pyx.c:17131:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate) PyErr_Clear();
data/breezy-3.1.0/breezy/_known_graph_pyx.c:17132:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/_known_graph_pyx.c:17132:58: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/_known_graph_pyx.c:17153:16: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
Py_XDECREF(setstate);
data/breezy-3.1.0/breezy/_readdir_pyx.c:6849:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate) PyErr_Clear();
data/breezy-3.1.0/breezy/_readdir_pyx.c:6850:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/_readdir_pyx.c:6850:58: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/_readdir_pyx.c:6871:16: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
Py_XDECREF(setstate);
data/breezy-3.1.0/breezy/_simple_set_pyx.c:8379:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate) PyErr_Clear();
data/breezy-3.1.0/breezy/_simple_set_pyx.c:8380:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/_simple_set_pyx.c:8380:58: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/_simple_set_pyx.c:8401:16: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
Py_XDECREF(setstate);
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:13285:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate) PyErr_Clear();
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:13286:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:13286:58: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:13307:16: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
Py_XDECREF(setstate);
data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.c:29656:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate) PyErr_Clear();
data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.c:29657:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.c:29657:58: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.c:29678:16: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
Py_XDECREF(setstate);
data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c:8628:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate) PyErr_Clear();
data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c:8629:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c:8629:58: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c:8650:16: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
Py_XDECREF(setstate);
data/breezy-3.1.0/breezy/bzr/_knit_load_data_pyx.c:6046:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate) PyErr_Clear();
data/breezy-3.1.0/breezy/bzr/_knit_load_data_pyx.c:6047:18: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/bzr/_knit_load_data_pyx.c:6047:58: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (!setstate || __Pyx_setup_reduce_is_named(setstate, __pyx_n_s_setstate_cython)) {
data/breezy-3.1.0/breezy/bzr/_knit_load_data_pyx.c:6068:16: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
Py_XDECREF(setstate);
data/breezy-3.1.0/breezy/_annotator_pyx.c:725:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/breezy-3.1.0/breezy/_annotator_pyx.c:5803:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/breezy-3.1.0/breezy/_annotator_pyx.c:7436:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/breezy-3.1.0/breezy/_annotator_pyx.c:7440:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/breezy-3.1.0/breezy/_bencode_pyx.c:728:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/breezy-3.1.0/breezy/_bencode_pyx.c:4967:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy(__pyx_v_self->tail, PyBytes_AS_STRING(__pyx_v_s), __pyx_v_n));
data/breezy-3.1.0/breezy/_bencode_pyx.c:5093:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy(((void *)(__pyx_v_self->tail + __pyx_v_n)), PyBytes_AS_STRING(__pyx_v_x), __pyx_v_x_len));
data/breezy-3.1.0/breezy/_bencode_pyx.c:9876:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/breezy-3.1.0/breezy/_bencode_pyx.c:11479:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/breezy-3.1.0/breezy/_bencode_pyx.c:11483:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/breezy-3.1.0/breezy/_chunks_to_lines_pyx.c:725:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/breezy-3.1.0/breezy/_chunks_to_lines_pyx.c:2580:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/breezy-3.1.0/breezy/_chunks_to_lines_pyx.c:3400:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/breezy-3.1.0/breezy/_chunks_to_lines_pyx.c:3404:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/breezy-3.1.0/breezy/_known_graph_pyx.c:725:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/breezy-3.1.0/breezy/_known_graph_pyx.c:17165:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/breezy-3.1.0/breezy/_known_graph_pyx.c:17990:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/breezy-3.1.0/breezy/_known_graph_pyx.c:17994:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/breezy-3.1.0/breezy/_readdir_pyx.c:731:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/breezy-3.1.0/breezy/_readdir_pyx.c:3360:27: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
__pyx_v_orig_dir_fd = open(((char *)"."), O_RDONLY, 0);
data/breezy-3.1.0/breezy/_readdir_pyx.c:7727:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/breezy-3.1.0/breezy/_readdir_pyx.c:7731:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/breezy-3.1.0/breezy/_rio_pyx.c:725:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/breezy-3.1.0/breezy/_rio_pyx.c:1684:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy(__pyx_v_value, ((__pyx_v_line + __pyx_v_i) + 2), ((__pyx_v_len - __pyx_v_i) - 2)));
data/breezy-3.1.0/breezy/_rio_pyx.c:1882:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy(__pyx_v_value, (&(__pyx_v_line[(__pyx_v_i + 2)])), (((__pyx_v_len - __pyx_v_i) - 2) * (sizeof(Py_UNICODE)))));
data/breezy-3.1.0/breezy/_rio_pyx.c:2460:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy((__pyx_v_accum_value + __pyx_v_accum_len), (__pyx_v_c_line + 1), (__pyx_v_c_len - 1)));
data/breezy-3.1.0/breezy/_rio_pyx.c:3242:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy((&(__pyx_v_accum_value[__pyx_v_accum_len])), (&(__pyx_v_c_line[1])), ((__pyx_v_c_len - 1) * (sizeof(Py_UNICODE)))));
data/breezy-3.1.0/breezy/_rio_pyx.c:4795:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/breezy-3.1.0/breezy/_rio_pyx.c:5668:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/breezy-3.1.0/breezy/_rio_pyx.c:5672:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/breezy-3.1.0/breezy/_simple_set_pyx.c:724:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/breezy-3.1.0/breezy/_simple_set_pyx.c:8413:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/breezy-3.1.0/breezy/_simple_set_pyx.c:9238:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/breezy-3.1.0/breezy/_simple_set_pyx.c:9242:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/breezy-3.1.0/breezy/_simple_set_pyx_api.h:107:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:727:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:834:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sha1[20];
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:873:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char offsets[0x101];
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:4714:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy(__pyx_v_c_buf, ((char *)"sha1:"), 5));
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:6000:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char __pyx_v_sha1[20];
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:6137:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char __pyx_v_sha1[20];
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:9437:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy(__pyx_v_out, __pyx_t_15, __pyx_v_key_len));
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:9770:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy(__pyx_v_out, PyBytes_AS_STRING(__pyx_v_ref_bit), __pyx_v_ref_bit_len));
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:9836:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy(__pyx_v_out, __pyx_v_value, __pyx_v_value_len));
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:13319:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:14426:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:14430:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/breezy-3.1.0/breezy/bzr/_chk_map_pyx.c:727:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/breezy-3.1.0/breezy/bzr/_chk_map_pyx.c:1964:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
__pyx_v_next_line = ((char *)memchr((__pyx_v_cur[0]), '\n', (__pyx_v_end - (__pyx_v_cur[0]))));
data/breezy-3.1.0/breezy/bzr/_chk_map_pyx.c:3130:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy(__pyx_v_c_entry, __pyx_v_prefix_tail, __pyx_v_prefix_tail_len));
data/breezy-3.1.0/breezy/bzr/_chk_map_pyx.c:3158:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy((__pyx_v_c_entry + __pyx_v_prefix_tail_len), __pyx_v_line_start, (__pyx_v_next_null - __pyx_v_line_start)));
data/breezy-3.1.0/breezy/bzr/_chk_map_pyx.c:4323:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy(__pyx_v_c_item_prefix, __pyx_v_prefix, __pyx_v_prefix_length));
data/breezy-3.1.0/breezy/bzr/_chk_map_pyx.c:4341:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy((__pyx_v_c_item_prefix + __pyx_v_prefix_length), __pyx_v_cur, (__pyx_v_next_null - __pyx_v_cur)));
data/breezy-3.1.0/breezy/bzr/_chk_map_pyx.c:7013:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/breezy-3.1.0/breezy/bzr/_chk_map_pyx.c:7864:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/breezy-3.1.0/breezy/bzr/_chk_map_pyx.c:7868:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.c:728:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.c:7314:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char __pyx_v_result[(6 * 4)];
data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.c:9193:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char __pyx_v__minikind[1];
data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.c:29690:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.c:30608:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.c:30612:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c:727:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c:5518:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy(__pyx_v_out, (__pyx_v_source + __pyx_v_cp_off), __pyx_v_cp_size));
data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c:5630:20: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)(memcpy(__pyx_v_out, __pyx_v_data, __pyx_v_cmd));
data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c:6311:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char __pyx_v_c_bytes[8];
data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c:8662:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c:10015:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c:10019:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/breezy-3.1.0/breezy/bzr/_knit_load_data_pyx.c:725:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ascii_chars[128];
data/breezy-3.1.0/breezy/bzr/_knit_load_data_pyx.c:6080:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char warning[200];
data/breezy-3.1.0/breezy/bzr/_knit_load_data_pyx.c:6905:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ctversion[4], rtversion[4];
data/breezy-3.1.0/breezy/bzr/_knit_load_data_pyx.c:6909:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/breezy-3.1.0/breezy/bzr/diff-delta.c:660:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
get_text(char buff[128], const unsigned char *ptr)
data/breezy-3.1.0/breezy/bzr/diff-delta.c:683:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff, start, cmd);
data/breezy-3.1.0/breezy/_annotator_pyx.c:649:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/breezy-3.1.0/breezy/_annotator_pyx.c:770:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1);
data/breezy-3.1.0/breezy/_annotator_pyx.c:7484:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/breezy-3.1.0/breezy/_bencode_pyx.c:652:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/breezy-3.1.0/breezy/_bencode_pyx.c:773:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1);
data/breezy-3.1.0/breezy/_bencode_pyx.c:11527:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/breezy-3.1.0/breezy/_chunks_to_lines_pyx.c:649:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/breezy-3.1.0/breezy/_chunks_to_lines_pyx.c:770:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1);
data/breezy-3.1.0/breezy/_chunks_to_lines_pyx.c:3448:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/breezy-3.1.0/breezy/_known_graph_pyx.c:649:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/breezy-3.1.0/breezy/_known_graph_pyx.c:770:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1);
data/breezy-3.1.0/breezy/_known_graph_pyx.c:18038:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/breezy-3.1.0/breezy/_readdir_pyx.c:655:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/breezy-3.1.0/breezy/_readdir_pyx.c:776:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1);
data/breezy-3.1.0/breezy/_readdir_pyx.c:7775:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/breezy-3.1.0/breezy/_rio_pyx.c:649:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/breezy-3.1.0/breezy/_rio_pyx.c:770:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1);
data/breezy-3.1.0/breezy/_rio_pyx.c:5716:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/breezy-3.1.0/breezy/_simple_set_pyx.c:648:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/breezy-3.1.0/breezy/_simple_set_pyx.c:769:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1);
data/breezy-3.1.0/breezy/_simple_set_pyx.c:9323:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:651:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:772:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1);
data/breezy-3.1.0/breezy/bzr/_btree_serializer_pyx.c:14474:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/breezy-3.1.0/breezy/bzr/_chk_map_pyx.c:651:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/breezy-3.1.0/breezy/bzr/_chk_map_pyx.c:772:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1);
data/breezy-3.1.0/breezy/bzr/_chk_map_pyx.c:7912:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.c:652:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.c:773:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1);
data/breezy-3.1.0/breezy/bzr/_dirstate_helpers_pyx.c:30656:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c:651:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c:772:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1);
data/breezy-3.1.0/breezy/bzr/_groupcompress_pyx.c:10063:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
data/breezy-3.1.0/breezy/bzr/_knit_load_data_pyx.c:649:87: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define __Pyx_PyByteArray_FromString(s) PyByteArray_FromStringAndSize((const char*)s, strlen((const char*)s))
data/breezy-3.1.0/breezy/bzr/_knit_load_data_pyx.c:770:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
__PYX_DEFAULT_STRING_ENCODING = (char*) malloc(strlen(default_encoding_c) + 1);
data/breezy-3.1.0/breezy/bzr/_knit_load_data_pyx.c:6953:65: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return __Pyx_PyUnicode_FromStringAndSize(c_str, (Py_ssize_t)strlen(c_str));
ANALYSIS SUMMARY:
Hits = 160
Lines analyzed = 139212 in approximately 4.06 seconds (34265 lines/second)
Physical Source Lines of Code (SLOC) = 91853
Hits@level = [0] 5 [1] 36 [2] 75 [3] 32 [4] 17 [5] 0
Hits@level+ = [0+] 165 [1+] 160 [2+] 124 [3+] 49 [4+] 17 [5+] 0
Hits/KSLOC@level+ = [0+] 1.79635 [1+] 1.74191 [2+] 1.34998 [3+] 0.533461 [4+] 0.185078 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.